I’m not entirely sure why all the hate : Jenkins can do the most things the must ways. And yes, it’s so much nicer defining a pipeline with a fully functional language than an assortment of yaml files

Actually that was my response when my company wanted to start using Gitlab ci. It only has one way of doing things so you can probably get a faster start if you had no ci, were a small company, and had simple builds. However we’re over 4,000 builds in many languages from 12 year old monoliths to modern micro services and containers…… and way too much godawful JavaScript. Do you want the quick and simple tool great for a small startup or the all powerful kitchen sink of tools?

Home Assistant hs communities to share exactly that

My similar script has a very different goal: at midnight if someone is still up, it dims the family room light and announces on speaker”hey kids, it’s time for bed”

As everyone else says, look at home bridge. I use HA for my automation but use the bridge to expose many devices to HomeKit.

I verified I can set up HomeKit and use family share for my family to see the dashboards I set up there

Signing (intermediate) certs have been compromised before. That means a bad actor can issue fake certs that are validated up to your root ca certs

While you can invalidate that signing cert, without useful and ubiquitous revocation lists, there’s nothing you can do to propagate that.

A compromised signing certs, effectively means invalidating the ca cert, to limit the damage

Hosting email just saved the day! My ex got locked out of her email account and password resets were blocked. However she still had one “home” forwarding email configured as a recovery address, so we were able to redirect it somewhere accessible and unlock her email account!

A buddy of mine did that by ups. His “offsite backup” was a raspberry pi zip tied to a couple drives and mailed to me. All I needed to do was plug it in to power and Ethernet (and trust him on my network).

When a drive died, he mailed another one and I mailed the original back

Hah, my lab is mostly a bunch of raspberry pi’s screwed to a wall

I always thought this was an argument for properly racking everything. If it takes more effort, more time to remove, maybe they won’t bother.

My understanding is that for most individuals, theft is mainly

1. Targets of opportunity. Lock your door and make sure nothing expensive is visible
2. Smash and Grab. The goal is to act fast and not care about what you break, so anything harder to smash (without tools) or that causes delay is good.

I do have outside cameras but they’re not as useful as you’d think. Maybe they have some deterrent value but they’re not going to alert anyone fast enough unless they’re already in the house and you’re not going to identify anyone even if you catch a good shot of their face. If the do catch someone, perhaps the video is enough to say, yep

For my use case, I’m continually fiddling with my VM config. That’s my playground, not just the services hosted there. I want home assistant to always be available so it can’t be there.

I suppose I could have a “production “ vm server that I keep stable, separately from my “dev” vm server but that would be more effort. Maybe it’s simply that I don’t have many services I want to treat as production, so the physical hardware is the cheapest and easiest option

Same here. In particular I like small cheap hardware to act as appliances, and have several raspberry pi.

My example is home assistant. Deploying on its own hardware means an officially supported management layer, which makes my life easier. It is actually running containers but i don’t have to deal with that. It also needs to be always available so i use efficient “right sized” hardware and it works regardless whether im futzing with my “lab”

The authors approach to not owning anything digital was to attempt self hosting. But the authors reaction to the amount of work was that he shouldn’t own the “self-hosting”? He does not even realize that he’s back to not owning anything

What’s your goal in using fake info? If it’s general privacy, it’s easy enough to register where your info is private to the registrar

I’m actually planning to do an evaluation of a n ai code review tool to see what it can do. I’m actually somewhat optimistic that it could do this better than it can code

I really want to sic it on this one junior programmer who doesn’t understand that you can’t just commit ai generated slop and expect it to work. This last code review after over 60 pieces of feedback I gave up on the rest and left it as he needs to understand when ai generated slop needs help

Ai is usually pretty good at unit tests but it was so bad. Randomly started using a different mocking framework, it actually mocked entire classes and somehow thought that was valid to test them. Wasting tests on non-existent constructors no negative tests, tests without verifying anything. Most of all there were so many compile errors, yet he thought that was fine

My company only allows downloads from official sources, verified publishers, signed where we can. This is enforced by only allowing the repo server to download stuff and only from places we’ve configured. In general those go through a process to reduce the chances of problems and mitigate them quickly.

We also feed everything through a scanner to flag known vulnerabilities, unacceptable licenses

If it’s fully packaged installable software, we have security guys that take a look at I have no idea what they do and whether it’s an audit

I’m actually going round in circles with this one developer. He needs an open source package and we already cache it on the repo server in several form factors, from reputable sources …… but he wants to run a random GitHub component which downloads an unsigned tar file from an untrusted source

I imagine there’s a significant chunk of users who don’t know or care how to properly open their server up to the world and are relying on the Plex proxies

That seems like the obvious place to put a subscription that won’t get people upset. Or maybe it’s in the presentation.

When HomeAssistant started a subscription, they renewed their commitment to opensource, added new remote features with obvious costs under subscription while still letting you do it yourself, plus made it clear this funded continued opensource development. I happily pay this and haven’t been disappointed. Did Plex fumble a similar opportunity?

Definitely curious as well, but so far haven’t gotten around to trying

I used to do that but it would constantly nag until I connected it

Don’t wait. Come talk to us. Yeah things are hectic with demands flooding in from all directions but we want to make your job easier and better

Also, check back in a month. Sometimes a domain squatter will just never at, hopin to flip it before the registrar takes it back

The problem is buying means nothing about whether it is legit or whether a company decides they want it. It only means you reserved it. Any disagreements are hashed out after the fact in court. It’s not a game that individuals can afford to win vs a corp